Main Vulnerability Database SB2022120836

SB2022120836 - Insufficiently protected credentials in Jenkins Gitea plugin

Published: December 8, 2022

Security Bulletin ID SB2022120836

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Information disclosure

Description

This security bulletin contains information about 1 security vulnerability.

1) Insufficiently protected credentials (CVE-ID: CVE-2022-46685)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to improper credentials masking. A remote user can gain access to protected data.

Install update from vendor's website.